package com.tech.security.securityservice.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @author sl
 */
@RestController
public class TestSecurityAccessController {

    /**
     * 测试数据访问接口
     * @return
     */
    @GetMapping("/access")
    @PreAuthorize("hasAuthority('access')")
    public String access(){
        return "access success!!";
    }

    /**
     *  @PreAuthorize("@myAccess.hasAuthority('audit')")
     *  使用自定义权限校验
     * @return
     */
    @GetMapping("/audit")
    @PreAuthorize("@myAccess.hasAuthority('audit')")
    public String audit(){
        return "audit access!!";
    }

    /**
     * 使用spring security权限校验
     * @return
     */
    @GetMapping("/delete")
    @PreAuthorize("hasAuthority('delete')")
    public String delete(){
        return "delete access!!";
    }
}
